US to propose ‘know your customer’ requirements for cloud providers

The Biden administration will soon propose requirements for cloud companies aimed at finding out who is accessing US clouds to train AI models, US Commerce Secretary Gina Raimondo said, as the burgeoning AI sector raises increasing security concerns.

US to propose 'know your customer' requirements for cloud providers

The Biden administration will soon propose requirements for cloud companies aimed at finding out who is accessing US clouds to train AI models, US Commerce Secretary Gina Raimondo said, as the burgeoning AI sector raises increasing security concerns.




US to propose 'know your customer' requirements for cloud providers










“We can’t have non-state actors or China or folks who we don’t want accessing our cloud to train their models,” Raimondo said in an interview with Reuters.

“We use export controls on chips,” she noted, adding, “Those chips are in American cloud data centres so we also have to think about closing down that avenue for potential malicious activity.”

The proposed “know your customer” regulation is set to be released as soon as next week. “It is a big deal,” Raimondo said.

The Commerce secretary said US cloud computing companies “should have the burden of knowing who their biggest customers are training the biggest models, and we’re trying to get that information. What will we do with that information? It depends on what we find.”

Raimondo spoke to Reuters after speaking at an event with former Secretary of State Condoleezza Rice, telling an audience the department was “beginning the process of requiring US cloud companies to tell us every time a non-US entity uses their cloud to train a large language model.”

President Joe Biden in October signed an executive order requiring developers of AI systems that pose risks to US national security, the economy, public health or safety to share the results of safety tests with the U.S. government, using the government’s authority under the Defense Production Act (DPA), before they are released to the public.

Those survey requests under the DPA are soon going to companies, Raimondo said, telling Reuters that companies will have 30 days to respond.

“Any company that doesn’t want to comply is a red flag for me,” she said.

Top cloud providers include Amazon.com’s AWS , Alphabet’s Google Cloud and Microsoft’s Azure unit.



About Author

Subscribe To InfoSec Today News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.